-
漏洞描述

PostNuke contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the "sif" variable in the "modules/NS-Comments/index.php" module is not verified properly and will allow an attacker to inject or manipulate SQL queries.

-
时间线

公开日期:
2004-04-14

发现日期:
Unknow

利用日期:2004-04-14

解决日期:Unknow

-
解决方案

PostNuke has released a patch to address this vulnerability. It is also possible to correct the flaw by implementing the following workaround: Modify the source code such that the $sid and $pid variables in modules/NS-Comments/index.php line 1142 are properly verified:
VALUES ($nextid,
'".pnVarPrepForStore($pid)."',
'".pnVarPrepForStore($sid)."',
now(),
'".pnVarPrepForStore($uname)."',
'".pnVarPrepForStore($email)."',
'".pnVarPrepForStore($url)."',
'".pnVarPrepForStore($ip)."',
'".pnVarPrepForStore($subject)."',
'".pnVarPrepForStore($comment)."',
'".pnVarPrepForStore($score)."',
0)");